I have a Wordpress installation on the root of an apache (I.E. on /) and WP wrote this custom .htaccess:<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Now I need to hide a single php script, let's say in /scritps/hello.php, I tried a .htaccess in /scripts with:<files hello.php>
Order allow,deny
Deny from all
</files>

But it gets overriden by WP's .htaccess, and hello.php is shown anyway. (I know this because moving the scripts directory out of WP to another vhost on my local environment makes it work.

I want to hide this php file on the live site because it should only be called by cron from the command line, and I can't put the file outside the apache root because that's all I have FTP access to.
And no, I don't have SSH access, someone else's going to set the cron job.